TERM PAPER SUBMITTED TO SUBMITTED BY LECT.JASLEEN KAUR Manpreet singh Roll no E3004A84 ClassM.C.

A(1STSEM)
1

ACNOWLEDGEMENT
I would like to express my gratitude to all those who gave me helping hand incompleting this term paper. I want to thank my teacher LECT.JASLEEN KAUR for helping me whenever I needed it the most. My friends have also supported me in my work. I want to thank them all for their help, support, interest and valuable hints.
2

INDEX
SRNO CONTENTS PAGENO 1. Introduction 3 2. Design concept 5 3. Unified input/output model 5 4. Files system,files and names 6 5. Union directories 7 6. Net 7 7. Networking and distributed computing 8 8. Similarties to and distributed from unix 9 9. Advantages 9 10 Uses 10 11 Features 11 12 File protocol 12 13. Examples 13 14. Security in plan 9 20 15. Conclusion 20
INTRODUCTION
3

Plan 9 from Bell Labs is a distributed operating system. It was developed primarily for research purposes as the successor to UNIX by the Computing Sciences Research Center at bell-labs between the mid-1980s and 2002. Plan 9 is most notable for representing all system interfaces, including those required for networking and the user-interface, through the file system rather than specialized interfaces. Plan 9 aims to provide users with a workstation-independent working

environment through the use of the 9p protocols. Plan 9 continues to be used and developed in some circles as a research operating system and by hobbyists. Plan 9 replaced Unix at Bell Labs as the organization's primary platform for research. It explored several changes to the original Unix model that facilitate the use and programming of the system, notably in distributed multi-user environments. Plan 9 was a Bell Labs internal project from its start during the mid 1980s. In 1992, Bell Labs provided the first public release to universities. In 1995, a commercial second release version became available to the general public. In the late 1990s, lucent technology, having inherited Bell Labs, dropped support for commercial interests in the project. In 2000, a non-commercial third release was distributed under an open source license. A fourth release under a new free software license occurred in 2002. A user and development community, including current and former Bell labs members and Massachusetts Institute of Technology personnel, continues to produce minor daily releases in form of ISO images. Bell Labs still hosts the development. The development source tree is accessible over the 9P and HTTP protocols and is used to update existing installations. In addition to the official components of the OS included in the ISOs, Bell Labs also hosts a repository of externally developed applications and tools. Plan 9 from Bell Labs was developed by members of the Computing Science Research Center at Bell Labs, the same group that developed UNIX and C. The Plan 9 team was originally led by Rob Pike, Ken Thompson, Dave Presotto and Phil Winterbottom with support from Dennis Ritchie as head of the Computing Techniques Research Department. Over the years many notable developers have contributed to the project including Brian Kernighan, Tom Duff, Doug McIlroy , Bjarne Stroustrup, Bruce Ellis, Steve Simon and others. Plan 9 was engineered for modern distributed environments, designed
4

from the start to be a networked operating system. It has graphics built-in, unlike Unix, which added these features to the design later. Plan 9 has yet to become as popular as Unix derivatives, but it has an expanding community of developers. Plan 9 has a distributed architecture. It can be installed and used on a single selfcontained system, but also has the capability to separate the functional components of the OS between separate hardware platforms. In a typical Plan 9 installation, users work at lightweight terminals running the rio GUI and connect via the network to CPU servers that handle computation-intensive processes, with permanent data storage provided by additional hosts acting as file servers and archival storage. Currently available desktop computers can also re-create this architecture internally using multiple virtual machines.

Design concepts
Plan 9's designers were interested in goals similar to those of microkernels, but chose different architecture and design details to achieve them. Plan 9's design goals included: File system based devices: All resources are represented by nodes in the hierarchical file system. Namespaces: The application view of the network is a single, coherent namespace that appears as a hierarchical file system but may represent local or remote physically separated resources. The namespace of each process can be constructed independently, and the user may work simultaneously with applications with heterogeneous namespaces

Unified input/output model

Before Unix, most operating systems had different mechanisms for accessing different types of devices. For example, the application programming interface (API) to access a disk drive was different from the API used to send and receive data with a serial port, or from the API used to operate a printer.
5

Unix attempted to remove these distinctions by performing all input/output operations via disk in odes. Every device driver was required to support meaningful read andwrite operations as a means of control. This allowed users to send data from one device to another, with utilities like cp and dd, without being aware of the underlying implementation details. However, at the time, many key concepts (such as the control of process state) did not map uniformly onto the file system. As new features like Berkeley sockets and the X Window System were developed, they were implemented outside of the file system. New hardware features (such as the ability to eject a CD in software) also encouraged the use of hardware-specific control mechanisms like the ioctl system call. The Plan 9 research project rejected these different approaches and returned to the file system-centric view of the system. Each Plan 9 program views all available resources, including networking and the user-interface resources, such as the window it is running in, as part of the hierarchical file system, rather than specialized interfaces.

File systems, files, and names

Plan 9 extended the system beyond files to "names", that is, a unique path to any object whether it be a file, screen, user, or computer. All are handled using the existing Unix standards, but are extended such that any object can be named and addressed uniformly. This is similar in concept to the Uniform Resource Identifier (URI) used in the World Wide Web. In Unix, devices such as printers were represented by names using software converters in /dev, but these addressed only devices attached by hardware, and did not address networked devices. Under Plan 9 all printers are virtualized as files, and can be accessed over the network from any workstation. Another Plan 9 innovation was the ability for users to have different names for the same "real world" objects. Each user could create a personalized environment by collecting various objects into their namespace. Unix has a similar concept in which users gain privileges by being copied from another user, but Plan 9 extends this to all objects. Users can easily spawn "clones" of themselves, modify them, and then remove them without affecting the resources from which they were created.
6

Union directories
Unix allows file systems to be built up from disparate resources using concepts such as links and file system mounts. These features masked the original directory; if one mounts a new file system on the directory named "net", one can no longer access its previous contents until the operation is reversed. Plan 9 introduced the idea of union directories, directories that combine resources across different media or across a network, binding transparently to other directories. For example, another computer's /bin (applications) directory can be bound to one's own, and then this directory will hold both local and remote applications and the user can access both transparently. Using the same system, under Plan 9 external devices and resources can be bound to /dev, allowing any device to be shared over the network without any additional code.

net

Plan 9 does not have system calls for the multitude of communication protocols or device driver interfaces. For example /net is the API for all TCP/IP, and it can be used even with scripts or shell tools, writing data to control files to write and read connections. Relevant sub-directories like /net/tcp and /net/udp are used to interface to respective protocols. You can implement a NAT by mounting a /net from a perimeter machine with a public IP, while connecting to it from an internal network of private IP addresses, using the Plan 9 protocol 9P in the internal network. Or you can implement a VPN by mounting a /net directory from a remote gateway, using secured 9P over the public Internet. Here would be an example of using union (a stack) directories in /net: just like inheritance in OOP, you can take one (possibly remote) /special directory and bind another local special directory on top of that, adding some new control files and hiding others. The union directory now is like a child object instance of the original parent. The functionality of the original can be partially modified. Consider the /net file system. If you modify or hide its /net/udp sub-directory you may control or extend the UDP interface with local filter processes, still leaving the original /net/tcp running intact, perhaps in a remote machine. Note that name space
7

is per process: if you give an untrusted application a limited, modified /net union directory, you restrict its access to the net. All this makes it easy to combine "objects" or file systems written in different languages on different systems, while using standard naming, access control and security of the file system, largely transparent to the programmer. This is similar to the facility offered by the mount_portal[1] command in BSD which by convention is mounted on /p instead of /net with only /tcp available.

Networking and distributed computing

Plan 9 is based on UNIX but was developed to demonstrate the concept of making communication the central function of the computing system. All system resources are named and accessed as if they were files and multiple views of the distributed system can be defined dynamically for each program running on a particular machine. This approach improves generality and modularity of application design by encouraging servers that hold any information to appear to users and to applications just like collections of ordinary files. Key to supporting the network transparency of Plan 9 was a new low-level networking protocol known as 9P. The 9P protocol and its implementation connected named network objects and presented a file-like system interface. 9P is a fast byteoriented (rather than block-oriented) distributed file system that can virtualize any object, not only those presented by an NFS server on a remote machine. The protocol is used to refer to and communicate with processes, programs, and data, including both the user interface and the network. With the release of the 4th edition, it was modified and renamed 9P2000.

Similarities to and differences from UNIX

Plan 9 is similar to UNIX in that is has a kernel, a command shell, and various C compilers. It also has man pages and runs standard UNIX applications like awk, emacs, cp, ls, and others listed here. It is different from UNIX in that the people who
8

wrote it had 20 years of kernel and user experience to re-think and redesign the entire operating system. One major difference from UNIX and most other operating systems is that all major applications understand 9P, the underlying, distributed file

system protocol. And because everything under Plan 9 is part of the file system, and the file system is distributed, everything under Plan 9 is distributed, and easily accessible as a file object. Instead of the X11 window management system, Plan 9 has Rio. Rio is small, intuitive, and easy to program. A Plan 9 contributor, Geoff Collyer, wrote a graphics front end for the Reversi game in 469 lines of C code. That's impressive. Because Rio sits on top of 9P, Rio itself is a distributed windowing system. UNIX's name server, BIND, has been replaced by ndb, which is easy to configure, much more secure, and is the partial basis for Plan 9's powerful, distributed name space. Plan 9 does not use UNIX sockets for inter-process and inter-computer communications. Instead, all communications are done through 9P, the distributed file system paradigm. Protocol stacks and network cards are implemented as file system objects. Ethernet packet types are simply subdirectories. Plan 9 does have an extremely robust implementation of TCP/IP including IPV6. The abstraction of network communications separates ordinary programs from the gory details of network connection specifics. New protocols and transport media can be added or changed with virtually no impact on basic applications.

ADVANTAGES:
It was designed as a faster, cleaner, more-lightweight multi-processor operating system with better security in all aspects of operation. It uses lightweight processes that were designed for fine-grained resource control across forks. The thread library uses no kernel support and this makes it very quick. Plan 9's system libraries were built with multi-processing and Unicode character support from day 1. In fact, UTF-8 was invented for Plan 9. These libraries, in conjunction with a new generation of high performance Plan 9 compilers, make application development very fast and very reliable.
9

The Plan 9 security model is quite different from other mainstream operating systems. It has no root, administrator, or super user. Instead, local host owners have privileges over their own machines and can join various network groups that extend more privileges and access to resources such as printers or the CPU. Authentication is done using the Secstore client application. The Secstore server exchanges encrypted passwords or hardware passkeys, and stores sensitive information in memory. Because all distributed resources have been rewritten for simplicity and efficiency, network administrators love it for its ease of use. Developers love Plan 9 because its libraries are elegant and the compilers are clean and fast.

How is Plan 9 worse?

As with other innovative operating systems, Plan 9 suffers from a lack of commercial support, a lack of device driver support, and a lack of mainstream applications. When this article was written Plan 9 did not have a web browser, it does not have support for VMWare virtualization (but does for Xen), it did not have accelerated video card support other than GForce and some Radeons, it supports only a few sound cards beyond AC97 and Soundblaster. It did not have office productivity software. And it did not support Windows compatibility through Wine.

USES
Plan 9 offers only a few advantages to single workstation users running in isolation. Its advantages grow rapidly as the number of networked Plan 9 workstations increase. If you are developing a large distributed computing application, using Plan

9 makes a lot of sense. If, for instance, you are performing large-scale scientific computing that needs to run across a large number of computers you are faced with a variety of difficult challenges. A particular problem in large node computing is that the failure of a single node can bring your whole computing cluster to a halt. This problem is increasingly likely as the number of processors increase. Consider that a computer node with a mean time between failure of 10,000 hours (or about 1.15 years), when used in a cluster of 10,000 nodes will fail on average of once an hour. In other words, your large, expensive super-computer will crash once an hour. Plan 9
10

provides the basis for writing processes that can be mirrored or replicated in more efficient ways and can become fault tolerant. Without increased fault tolerance, large scale computing just doesn't scale well.

FEATURES
The

dump file system makes a daily "snapshot" of the filestore available to

users Unicode character set support throughout the system Advanced kernel synchronization facilities for parallel processing ANSI/POSIX environment emulator (APE) Plumbing, a language driven way for applications to communicate Acme - an editor, shell and window system for programmers Sam - a screen editor with structural regular expressions Support for MIME mail messages and IMAP4 Security - there is no super-user or root, and passwords are never sent over the network Venti - archival storage Fossil - Hierarchical file system built on top of Venti, with automatic snapshots and archives The operating system for the CPU servers and terminals is structured as a traditional kernel: a single compiled image containing code for resource management, process control, user processes, virtual memory, and I/O. Because the file server is a separate machine, the file system is not compiled in, although the management of the name space, a per-process attribute, is. The entire kernel for the multiprocessor SGI Power Series machine is 25000 lines of C, the largest part of which is code for four networks including the Ethernet with the Internet protocol suite. Fewer than 1500 lines are machine-specific, and a functional kernel with minimal I/O can be put together from source files totaling 6000 lines. [Pike90] The system is relatively small for several reasons. First, it is all new: it has not had time to accrete as many fixes and features as other systems. Also, other than the network protocol, it adheres to no external interface; in particular, it is not Unix11

compatible. Economy stems from careful selection of services and interfaces. Finally, wherever possible the system is built around two simple ideas: every resource in the system, either local or remote, is represented by a hierarchical file system; and a user or process assembles a private view of the system by constructing a file name space that connects these resources. [Needham]

File Protocol
All resources in Plan 9 look like file systems. That does not mean that they are repositories for permanent files on disk, but that the interface to them is file-oriented: finding files (resources) in a hierarchical name tree, attaching to them by name, and accessing their contents by read and write calls. There are dozens of file system

types in Plan 9, but only a few represent traditional files. At this level of abstraction, files in Plan 9 are similar to objects, except that files are already provided with naming, access, and protection methods that must be created afresh for objects. Object-oriented readers may approach the rest of this paper as a study in how to make objects look like files. The interface to file systems is defined by a protocol, called 9P, analogous but not very similar to the NFS protocol. The protocol talks about files, not blocks; given a connection to the root directory of a file server, the 9P messages navigate the file hierarchy, open files for I/O, and read or write arbitrary bytes in the files. 9P contains 17 message types: three for initializing and authenticating a connection and fourteen for manipulating objects. The messages are generated by the kernel in response to user- or kernel-level I/O requests. Here is a quick tour of the major message types. The auth and attach messages authenticate a connection, established by means outside 9P, and validate its user. The result is an authenticated channel that points to the root of the server. The clone message makes a new channel identical to an existing channel, which may be moved to a file on the server using a walk message to descend each level in the hierarchy. The stat and wstat messages read and write the attributes of the file pointed to by a channel. The open message prepares a channel for subsequent read and write messages to access the contents of the file, while create and remove perform, on the files, the actions implied by their names. The clunk message discards a channel without affecting the file. None of the 9P messages consider caching; file caches are provided, when needed, either within the
12

server (centralized caching) or by implementing the cache as a transparent file system between the client and the 9P connection to the server (client caching). For efficiency, the connection to local kernel-resident file systems, misleadingly called devices, is by regular rather than remote procedure calls. The procedures map one-to-one with 9P message types. Locally each channel has an associated data structure that holds a type field used to index a table of procedure calls, one set per file system type, analogous to selecting the method set for an object. One kernelresident file system, the mount device, translates the local 9P procedure calls into RPC messages to remote services over a separately provided transport protocol such as TCP or IL, a new reliable datagram protocol, or over a pipe to a user process. Write and read calls transmit the messages over the transport layer. The mount device is the sole bridge between the procedural interface seen by user programs and remote and user-level services. It does all associated marshaling, buffer management, and multiplexing and is the only integral RPC mechanism in Plan 9. The mount device is in effect a proxy object. There is no RPC stub compiler; instead the mount driver and all servers just share a library that packs and unpacks 9P messages.

Examples
One file system type serves permanent files from the main file server, a standalone multiprocessor system with a 350-gigabyte optical WORM jukebox that holds the data, fronted by a two-level block cache comprising 7 gigabytes of magnetic disk and 128 megabytes of RAM. Clients connect to the file server using any of a variety of networks and protocols and access files using 9P. The file server runs a distinct operating system and has no support for user processes; other than a restricted set of commands available on the console, all it does is answer 9P messages from clients.

Once a day, at 5:00 AM, the file server sweeps through the cache blocks and marks dirty blocks copy-on-write. It creates a copy of the root directory and labels it with the current date, for example 1995/0314. It then starts a background process to copy the dirty blocks to the WORM. The result is that the server retains an image of the file system as it was early each morning. The set of old root directories is accessible using 9P, so a client may examine backup files using ordinary commands. Several advantages stem from having the backup service implemented
13

as a plain file system. Most obviously, ordinary commands can access them. For example, to see when a bug was fixed grep mouse bug fix 1995/*/sys/src/cmd/8/file.c The owner, access times, permissions, and other properties of the files are also backed up. Because it is a file system, the backup still has protections; it is not possible to subvert security by looking at the backup. The file server is only one type of file system. A number of unusual services are provided within the kernel as local file systems. These services are not limited to I/O devices such as disks. They include network devices and their associated protocols, the bitmap display and mouse, a representation of processes similar to /proc [Killian], the name/value pairs that form the environment passed to a new process, profiling services, and other resources. Each of these is represented as a file system directories containing sets of files but the constituent files do not represent permanent storage on disk. Instead, they are closer in properties to UNIX device files. For example, the console device contains the file /dev/cons, similar to the UNIX file /dev/console: when written,/dev/cons appends to the console typescript; when read, it returns characters typed on the keyboard. Other files in the console device include /dev/time, the number of seconds since the epoch, /dev/cputime, the computation time used by the process reading the device, /dev/pid, the process id of the process reading the device, and /dev/user, the login name of the user accessing the device. All these files contain text, not binary numbers, so their use is free of byte-order problems. Their contents are synthesized on demand when read; when written, they cause modifications to kernel data structures. The process device contains one directory per live local process, named by its numeric process id: /proc/1, /proc/2, etc. Each directory contains a set of files that access the process. For example, in each directory the file mem is an image of the virtual memory of the process that may be read or written for debugging. The text file is a sort of link to the file from which the process was executed; it may be opened to read the symbol tables for the process. The ctl file may be written textual messages such asstop or kill to control the execution of the process. The status file contains a fixed-format line of text containing information about the process: its name, owner, state, and so on. Text strings written to the note file are delivered to the process
14

as notes,analogous to UNIX signals. By providing these services as textual I/O on files rather than as system calls (such as kill) or special-purpose operations (such as ptrace), the Plan 9 process device simplifies the implementation of debuggers and related programs. For example, the command cat /proc/*/status is a crude form of the ps command; the actual ps merely reformats the data so obtained. The bitmap device contains three files, /dev/mouse, /dev/screen, and /dev/bitblt,

that provide an interface to the local bitmap display (if any) and pointing device. The mouse file returns a fixed-format record containing 1 byte of button state and 4 bytes each of x and y position of the mouse. If the mouse has not moved since the file was last read, a subsequent read will block. The screen file contains a memory image of the contents of the display; the bitblt file provides a procedural interface. Calls to the graphics library are translated into messages that are written to the bitblt file to perform bitmap graphics operations. (This is essentially a nested RPC protocol.) The various services being used by a process are gathered together into the processs name space, a single rooted hierarchy of file names. When a process forks, the child process shares the name space with the parent. Several system calls manipulate name spaces. Given a file descriptor fd that holds an open communications channel to a service, the call mount(int fd, char *old, int flags) authenticates the user and attaches the file tree of the service to the directory named by old. The flags specify how the tree is to be attached to old: replacing the current contents or appearing before or after the current contents of the directory. A directory with several services mounted is called a union directory and is searched in the specified order. The call bind(char *new, char *old, int flags) takes the portion of the existing name space visible at new, either a file or a directory, and makes it also visible at old. For example, bind("1995/0301/sys/include", "/sys/include", REPLACE) causes the directory of include files to be overlaid with its contents from the dump on March first.
15

A process is created by the rfork system call, which takes as argument a bit vector defining which attributes of the process are to be shared between parent and child instead of copied. One of the attributes is the name space: when shared, changes made by either process are visible in the other; when copied, changes are independent. Although there is no global name space, for a process to function sensibly the local name spaces must adhere to global conventions. Nonetheless, the use of local name spaces is critical to the system. Both these ideas are illustrated by the use of the name space to handle heterogeneity. The binaries for a given architecture are contained in a directory named by the architecture, for example /mips/bin; in use, that directory is bound to the conventional location /bin. Programs such as shell scripts need not know the CPU type they are executing on to find binaries to run. A directory of private binaries is usually unioned with /bin. (Compare this to the ad hoc and special-purpose idea of the PATH variable, which is not used in the Plan 9 shell.) Local bindings are also helpful for debugging, for example by binding an old library to the standard place and linking a program to see if recent changes to the library are responsible for a bug in the program. The window system, 8 [Pike91], is a server for files such as /dev/cons and /dev/bitblt. Each client sees a distinct copy of these files in its local name space: there are many instances of /dev/cons, each served by 8 to the local name space of a window. Again, 8 implements services using local name spaces plus the use of I/O to conventionally named files. Each client just connects its standard input, output, and error files to /dev/cons, with analogous operations to access bitmap graphics. Compare this to the implementation of /dev/tty on UNIX,

which is done by special code in the kernel that overloads the file, when opened, with the standard input or output of the process. Special arrangement must be made by a UNIX window system for/dev/tty to behave as expected; 8 instead uses the provision of the corresponding file as its central idea, which to succeed depends critically on local name spaces. The environment 8 provides its clients is exactly the environment under which it is implemented: a conventional set of files in/dev. This permits the window system to be run recursively in one of its own windows, which is handy for debugging. It also means that if the files are exported to another machine, as described below, the
16

window system or client applications may be run transparently on remote machines, even ones without graphics hardware. This mechanism is used for Plan 9s implementation of the X window system: X is run as a client of 8, often on a remote machine with lots of memory. In this configuration, using Ethernet to connect MIPS machines, we measure only a 10% degradation in graphics performance relative to running X on a bare Plan 9 machine. An unusual application of these ideas is a statistics-gathering file system implemented by a command called iostats. The command encapsulates a process in a local name space, monitoring 9P requests from the process to the outside world the name space in which iostats is itself running. When the command completes, iostats reports usage and performance figures for file activity. For example iostats 8 can be used to discover how much I/O the window system does to the bitmap device, font files, and so on. The import command connects a piece of name space from a remote system to the local name space. Its implementation is to dial the remote machine and start a process there that serves the remote name space using 9P. It then calls mount to attach the connection to the name space and finally dies; the remote process continues to serve the files. One use is to access devices not available locally. For example, to write a floppy one may say import lab.pc /a: /n/dos cp foo /n/dos/bar The call to import connects the file tree from /a: on the machine lab.pc (which must support 9P) to the local directory/n/dos. Then the file foo can be written to the floppy just by copying it across. Another application is remote debugging: import helix /proc makes the process file system on machine helix available locally; commands such as ps then see helixs processes instead of the local ones. The debugger may then look at a remote process: db /proc/27/text /proc/27/mem
17

allows breakpoint debugging of the remote process. Since db infers the CPU type of the process from the executable header on the text file, it supports cross-architecture debugging, too. Care is taken within db to handle issues of byte order and floating point; it is possible to breakpoint debug a big-endian MIPS process from a littleendian i386. Network interfaces are also implemented as file systems [Presotto]. For

example, /net/tcp is a directory somewhat like/proc: it contains a set of numbered directories, one per connection, each of which contains files to control and communicate on the connection. A process allocates a new connection by accessing /net/tcp/clone, which evaluates to the directory of an unused connection. To make a call, the process writes a textual message such as connect 135.104.53.2!512 to the ctlfile and then reads and writes the data file. An rlogin service can be implemented in a few of lines of shell code. This structure makes network gatewaying easy to provide. We have machines with Datakit interfaces but no Internet interface. On such a machine one may type import helix /net telnet tcp!ai.mit.edu The import uses Datakit to pull in the TCP interface from helix, which can then be used directly; the tcp! notation is necessary because we routinely use multiple networks and protocols on Plan 9it identifies the network in which ai.mit.edu is a valid name. In practice we do not use rlogin or telnet between Plan 9 machines. Instead a command called cpu in effect replaces the CPU in a window with that on another machine, typically a fast multiprocessor CPU server. The implementation is to recreate the name space on the remote machine, using the equivalent of import to connect pieces of the terminals name space to that of the process (shell) on the CPU server, making the terminal a file server for the CPU. CPU-local devices such as fast file system connections are still local; only terminal-resident devices are imported. The result is unlike UNIX rlogin, which moves into a distinct name space on the remote machine, or file sharing with NFS, which keeps the name space the same but forces processes to execute locally. Bindings in /bin may change because of a change in CPU architecture, and the networks involved may be different
18

because of differing hardware, but the effect feels like simply speeding up the processor in the current name space.

Position
These examples illustrate how the ideas of representing resources as file systems and per-process name spaces can be used to solve problems often left to more exotic mechanisms. Nonetheless there are some operations in Plan 9 that are not mapped into file I/O. An example is process creation. We could imagine a message to a control file in /proc that creates a process, but the details of constructing the environment of the new process its open files, name space, memory image, etc. are too intricate to be described easily in a simple I/O operation. Therefore new processes on Plan 9 are created by fairly conventional rfork and exec system calls; /proc is used only to represent and control existing processes. Plan 9 does not attempt to map network name spaces into the file system name space, for several reasons. The different addressing rules for various networks and protocols cannot be mapped uniformly into a hierarchical file name space. Even if they could be, the various mechanisms to authenticate, select a service, and control the connection would not map consistently into operations on a file. Shared memory is another resource not adequately represented by a file name space. Plan 9 takes care to provide mechanisms to allow groups of local processes to share and map memory. Memory is controlled by system calls rather than special files, however, since a representation in the file system would imply that memory could be imported from remote machines.

Despite these limitations, file systems and name spaces offer an effective model around which to build a distributed system. Used well, they can provide a uniform, familiar, transparent interface to a diverse set of distributed resources. They carry well-understood properties of access, protection, and naming. The integration of devices into the hierarchical file system was the best idea in UNIX. Plan 9 pushes the concepts much further and shows that file systems, when used inventively, have plenty of scope for productive research.

SECURITY IN PLAN 9
19

The security architecture of the Plan 9 operating system has recently been redesigned to address some technical shortcomings. This redesign provided an opportunity also to make the system more convenient to use securely. Plan 9 has thus improved in two ways not usually seen together: it has become more secure and easier to use. The central component of the new architecture is a per-user self-contained agent called factotum. Factotum securely holds a copy of the users keys and negotiates authentication protocols, on behalf of the user, with secure services around the network. Concentrating security code in a single program offers several advantages including: ease of update or repair to broken security software and protocols; the ability to run secure services at a lower privilege level; uniform management of keys for all services; and an opportunity to provide single sign on, even to unchanged legacy applications. Factotum has an unusual architecture: it is implemented as a Plan 9 file server.

CONCLUSION
Bell-Labs research group have presented us with a one-of-a-kind research platform, which definitely has the possibility of attracting students and professors attention Maybe not a commercially viable product, but a very good learning tool Need to emphasize on the lower learning curve with regards to deep internals. Code very easy to read Ability to share ideas and learn from some of the groundbreaking personalities in this field is an enormous ego boost
20